This one is interesting: it asks whether malicious GGUF files pose a risk, and if so, what that risk is. A .safetensors file is considered "safe" because the format cannot carry executable code (unlike a pickle-based checkpoint): it is a simple binary layout with a JSON header followed by contiguous tensor blocks, and loaders validate the shapes, dtypes, and offsets in that header against the file before reading any tensor data.

People in the comments point out that GGUF does not execute code either; it is a pure data container. The risk is in the parser. A GGUF header carries lengths, counts, tensor dimensions, and data offsets supplied by the file, and if the loader (llama.cpp and the tools built on it parse GGUF in C/C++) trusts one of those values without bounds checking, a crafted file can trigger a buffer overflow in native code, and memory corruption in a native parser can turn into code execution. Bugs of exactly this kind have been found and patched in the GGUF loader. This is a phenomenon worth noting: it is one piece of evidence that using a local model does not guarantee safety, because loading a model file still carries the risk of running malicious code on your computer.
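As an added example (my own code, not from the discussion and not llama.cpp's gguf code), here is a small GGUF v3 header parser in Python that treats every length, count, dimension, and offset as hostile and checks it against the bytes actually present before using it. The field layout is the published GGUF v3 layout; the string-length cap `MAX_STR`, the decision to handle only F32/F16 tensors and to refuse nested arrays, and the tiny file that `build_sample` constructs are assumptions of this example. The forged inputs at the end are the classes of field an unchecked native parser would trip over: a string length larger than the file, a huge entry count, and a tensor offset pointing past the data section.

```python
"""Defensive GGUF v3 header parser (added example; not llama.cpp's gguf code).

Layout (little-endian): magic "GGUF", u32 version, u64 tensor_count, u64 kv_count,
kv pairs (string key, u32 type, value), tensor infos (string name, u32 n_dims,
u64 dims[n_dims], u32 ggml_type, u64 offset into the data section), padding up to
general.alignment, then tensor data. Every count, length and offset comes from the
untrusted file and is checked against the bytes actually present before use.
"""
import struct

MAGIC = b"GGUF"
MAX_DIMS = 4                 # ggml's GGML_MAX_DIMS
MAX_STR = 1 << 20            # assumed cap on metadata string length (example policy)
STRING, ARRAY = 8, 9
SCALAR = {0: "<B", 1: "<b", 2: "<H", 3: "<h", 4: "<I", 5: "<i", 6: "<f",
          7: "<?", 10: "<Q", 11: "<q", 12: "<d"}
ELEM_SIZE = {0: 4, 1: 2}     # ggml types handled here: F32, F16 (others rejected)


class BadGGUF(ValueError):
    pass


class Reader:
    def __init__(self, buf):
        self.buf, self.pos = buf, 0

    def left(self):
        return len(self.buf) - self.pos

    def take(self, n, what):
        # The check that matters: never trust a length from the file. Skipping it
        # in a native parser is how a crafted file becomes an overread or overflow.
        if n > self.left():
            raise BadGGUF(f"{what}: wants {n} bytes, {self.left()} left")
        b = self.buf[self.pos:self.pos + n]
        self.pos += n
        return b

    def scalar(self, fmt, what):
        return struct.unpack(fmt, self.take(struct.calcsize(fmt), what))[0]

    def string(self, what):
        n = self.scalar("<Q", what + " length")
        if n > MAX_STR:
            raise BadGGUF(f"{what}: length {n} exceeds cap {MAX_STR}")
        return self.take(n, what).decode("utf-8")

    def value(self, vtype, what):
        if vtype in SCALAR:
            return self.scalar(SCALAR[vtype], what)
        if vtype == STRING:
            return self.string(what)
        if vtype == ARRAY:
            etype = self.scalar("<I", what + " elem type")
            count = self.scalar("<Q", what + " count")
            if etype not in SCALAR and etype != STRING:   # nested arrays refused here
                raise BadGGUF(f"{what}: bad array elem type {etype}")
            if count > self.left():                        # each element needs >= 1 byte
                raise BadGGUF(f"{what}: array count {count} exceeds file")
            return [self.value(etype, what) for _ in range(count)]
        raise BadGGUF(f"{what}: unknown value type {vtype}")


def parse_gguf(buf):
    r = Reader(buf)
    if r.take(4, "magic") != MAGIC:
        raise BadGGUF("bad magic")
    version = r.scalar("<I", "version")
    if version != 3:
        raise BadGGUF(f"unsupported version {version}")
    n_tensors, n_kv = r.scalar("<Q", "tensor_count"), r.scalar("<Q", "kv_count")
    if n_kv > r.left() or n_tensors > r.left():   # each entry needs many bytes
        raise BadGGUF("entry counts exceed file size")
    meta = {}
    for _ in range(n_kv):
        key = r.string("kv key")
        meta[key] = r.value(r.scalar("<I", f"{key} type"), key)
    align = meta.get("general.alignment", 32)
    if not isinstance(align, int) or align <= 0 or align & (align - 1):
        raise BadGGUF("general.alignment must be a positive power of two")
    tensors = []
    for _ in range(n_tensors):
        name = r.string("tensor name")
        n_dims = r.scalar("<I", f"{name} n_dims")
        if not 1 <= n_dims <= MAX_DIMS:            # ggml stores dims in a fixed array
            raise BadGGUF(f"{name}: n_dims {n_dims} out of range")
        dims = [r.scalar("<Q", f"{name} dim") for _ in range(n_dims)]
        ttype, offset = r.scalar("<I", f"{name} type"), r.scalar("<Q", f"{name} offset")
        if ttype not in ELEM_SIZE:
            raise BadGGUF(f"{name}: ggml type {ttype} not handled by this example")
        numel = 1
        for d in dims:
            numel *= d                              # Python ints never wrap; C must check this
        tensors.append({"name": name, "dims": dims, "type": ttype,
                        "offset": offset, "nbytes": numel * ELEM_SIZE[ttype]})
    data_start = -(-r.pos // align) * align        # header is padded up to alignment
    data_len = max(len(buf) - data_start, 0)
    for t in tensors:                              # offsets are relative to data_start
        if t["offset"] % align or t["offset"] + t["nbytes"] > data_len:
            raise BadGGUF(f"{t['name']}: data [{t['offset']}, +{t['nbytes']}) "
                          f"outside {data_len}-byte data section")
    return {"version": version, "metadata": meta, "tensors": tensors,
            "data_offset": data_start}


def reject_reason(buf):
    """Return the parser's rejection message, or None if the file is accepted."""
    try:
        parse_gguf(buf)
        return None
    except BadGGUF as e:
        return str(e)


def _s(text):
    b = text.encode()
    return struct.pack("<Q", len(b)) + b


def build_sample(name_len=None, offset=0):
    """Constructed 144-byte GGUF v3 file (not a real model): one string kv and one
    2x2 F32 tensor. The keyword args let a caller forge a bad name length or offset."""
    tname = b"tok_embd.weight"
    hdr = MAGIC + struct.pack("<IQQ", 3, 1, 1)
    hdr += _s("general.architecture") + struct.pack("<I", STRING) + _s("llama")
    hdr += struct.pack("<Q", len(tname) if name_len is None else name_len) + tname
    hdr += struct.pack("<IQQ", 2, 2, 2) + struct.pack("<IQ", 0, offset)
    hdr += b"\0" * (-len(hdr) % 32)
    return hdr + struct.pack("<4f", 1.0, 2.0, 3.0, 4.0)


if __name__ == "__main__":
    print(parse_gguf(build_sample())["tensors"])
    for bad in (build_sample(name_len=100), build_sample(offset=64)):
        print("rejected:", reject_reason(bad))
```

In the native loader the same checks stand between the file and the `malloc`/`memcpy` calls; the difference is that a failing check here raises an exception, while a missing one in C writes past a buffer. Python integers also cannot overflow, so the element-count multiplication is safe here, whereas a C implementation has to guard `numel * elem_size` against wraparound before sizing an allocation.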

The general advice from many commenters is to keep the loader (llama.cpp and the tools built on it) up to date, so that fixes for GGUF parsing vulnerabilities are actually in the binary you run, and to treat model files from untrusted sources with the same caution as any other untrusted input.